Communication network service providers are increasingly relied upon to provide security services on both their internal and external network domains. However, these security services are continually challenged by the sheer volume of network data and the changing landscape of security threats as new avenues of security attacks or threats arise. For example, the volume of network data may make it more difficult to provide timely analysis and recognition of security risks. Moreover, analyzing high volumes of network data consumes large amounts of time and processor resources. Therefore, there is a need for a scalable and resource-efficient security practice that uses hierarchical pattern recognition of the communication network data to analyze for security risks.